ceos-clarity
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
git -C <ceos_root> pullto synchronize business data with teammates. This is a standard operation for collaborative repositories and uses the--ff-onlyand--quietflags to ensure a safe and non-intrusive update process. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads and summarizes content from various shared files (e.g., vision, rocks, scorecard, issues).
- Ingestion points: Data is pulled from
data/vision.md,data/rocks/,data/scorecard/weeks/,data/issues/open/, anddata/accountability.md. - Boundary markers: The instructions do not specify explicit delimiters (like XML tags or triple dashes) when the agent summarizes these files for the user.
- Capability inventory: The skill possesses
Read,Write, andGlobtools, and can executegitcommands via subprocess. - Sanitization: The agent is instructed to transform the data (summarizing, counting, and identifying trends) rather than passing it through directly, which reduces the risk of malicious instructions in the data being executed.
Audit Metadata